https
redirect http to https in nginx and use the http version of the url as callback url in the github oauth app setting
(related to #647)
It worked for me.
Remember that the callback url is actually set on github and not on Zammad.
Here:
Thanks @madd86 !
@madd86 that's what I did. The other thing is just the workaround so that it works
Hi @schurig - oops. Hit the button too early 😁
I analyzed the behavior and can reproduce the issue you are having. Sadly it's out of the Zammad scope (done by OmniAuth) so we can't provide a direct fix. Nevertheless we will analyze it further to find the best solution to get it to work.
How to reproduce:
Current state:
The redirect_url comes from here:
https://github.com/intridea/omniauth-github/blob/master/lib/omniauth/strategies/github.rb#L5
https://github.com/intridea/omniauth-oauth2/blob/master/lib/omniauth/strategies/oauth2.rb#L47
https://github.com/omniauth/omniauth/blob/8098855f6b52f5f1aecbd700e7068f204adddfdd/lib/omniauth/strategy.rb#L435
https://github.com/omniauth/omniauth/blob/8098855f6b52f5f1aecbd700e7068f204adddfdd/lib/omniauth/strategy.rb#L428
https://github.com/omniauth/omniauth/blob/8098855f6b52f5f1aecbd700e7068f204adddfdd/lib/omniauth/strategy.rb#L503
Seems some of those RACK ENVs are not set properly. Should be checked if we can influence this via the NGINX conf or if we have to do it somehow in the Rails context.
Hi @schurig - I think I got it! Are you running with an NGINX installation? If so please update your configuration and add these two lines:
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
Like in the screenshot:
Restart your NGINX and Zammad and let me know. Apache should be these lines:
RequestHeader set Host zammad.example.com
RequestHeader set X-Forwarded-Proto https
RequestHeader set X-Forwarded-Port 443
For the record: I dumped the rack.envs via an initializer overwriting the Omniauth ssl detection in a new rails initializer config/initializers/debug_ssl.rb:
Rails.application.config.to_prepare do # to_prepare ensures that the monkey patching happens before the first request
  OmniAuth::Strategy.class_eval do # reopen the class
    protected

    def ssl? # redefine the ssl? method
      # DEBUG/CUSTOMIZATION
      File.write('/tmp/omniauth.log', request.env.inspect)
      # DEBUG/CUSTOMIZATION
      request.env['HTTPS'] == 'on' ||
        request.env['HTTP_X_FORWARDED_SSL'] == 'on' ||
        request.env['HTTP_X_FORWARDED_SCHEME'] == 'https' ||
        (request.env['HTTP_X_FORWARDED_PROTO'] && request.env['HTTP_X_FORWARDED_PROTO'].split(',')[0] == 'https') ||
        request.env['rack.url_scheme'] == 'https'
    end
  end
end
And none of the checked vars were set.
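An added example (not part of the thread and not OmniAuth's or Zammad's own code): it runs the header checks quoted above over constructed Rack environments to show why the callback URL stays on http until the proxy sets X-Forwarded-Proto. The `forwarded_ssl?` and `callback_url` helpers, the callback path and the sample environments are assumptions made for illustration.

```ruby
# Same checks as the ssl? method quoted in the thread, applied to a plain env hash.
# Rack exposes the request header "X-Forwarded-Proto" as env['HTTP_X_FORWARDED_PROTO'].
def forwarded_ssl?(env)
  proto = env['HTTP_X_FORWARDED_PROTO']
  env['HTTPS'] == 'on' ||
    env['HTTP_X_FORWARDED_SSL'] == 'on' ||
    env['HTTP_X_FORWARDED_SCHEME'] == 'https' ||
    (!proto.nil? && proto.split(',')[0] == 'https') ||
    env['rack.url_scheme'] == 'https'
end

# Hypothetical helper: the scheme the app would use when building the OAuth
# callback URL. The path is an assumed example value.
def callback_url(env, path = '/auth/github/callback')
  scheme = forwarded_ssl?(env) ? 'https' : 'http'
  "#{scheme}://#{env['HTTP_HOST']}#{path}"
end

# Constructed environments, as the app server sees them behind a proxy that
# terminates TLS and talks plain HTTP to the backend.
BASE = { 'HTTP_HOST' => 'zammad.example.com', 'rack.url_scheme' => 'http' }.freeze

SAMPLE_ENVS = {
  # No forwarded headers: every check fails, callback is built with http.
  'no forwarded headers' => BASE,
  # The two proxy_set_header lines from the thread are in place.
  'proto and port set by proxy' => BASE.merge(
    'HTTP_X_FORWARDED_PROTO' => 'https',
    'HTTP_X_FORWARDED_PORT'  => '443'
  ),
  # A proxy that appends to an incoming header instead of overwriting it:
  # only the first list element is checked, so the result depends on a value
  # the proxy did not set itself.
  'appended list, first entry http' => BASE.merge(
    'HTTP_X_FORWARDED_PROTO' => 'http, https'
  )
}.freeze

SAMPLE_ENVS.each do |label, env|
  puts format('%-32s -> %s', label, callback_url(env))
end
```

Because only the first element of X-Forwarded-Proto is checked, the proxy should overwrite the header with a fixed value, as the `proxy_set_header` and `RequestHeader set` lines above do, rather than pass through or append to whatever the client sent.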
This was the problem! Thanks!! 😍 ❤️
Thanks for the feedback! Commit is on its way. 🚀 up to the next issue.
Try this answer, it worked for me
https://stackoverflow.com/a/41466634/1770571
@salmagomaa this does not solve the problem and was a Bug within Zammad.
Please try not to recycle posts - the issue has been resolved already.